The MS Teams SDK is bullshit. It's so half baked and comes with instructions like "you'll probably want a better implementation for production, good luck cause you'll have to write it yourself."

Oh and don't forget to cache your installations in a file called "notifications.json"

Deploying will create 2 app registrations (OIDC) and about 6 resources in Azure... But "you'll probably want to log to app insights in production"... So I hope you're very familiar with Bicep cause you'll have to figure out how to add that to your template properly and there are about 7 Bicep files to decipher and it doesn't create an app insights out of the box.

Probably written by an intern.

I'm breaking out our authentication logic to a separate OIDC server. It's technically pretty straightforward, but just the thought of moving all those users and making sure that the communication between the system and the auth server works properly makes me shiver...

I've been planning a startup project for months now. Then, what was a supposedly simple quest of finding out whether session-based or token-based authentication is better, has become a question of whether I should setup my own OpenID Connect (IODC) auth server or stick to simpler methods.

I've already spent almost a week learning OAuth2 and OIDC, and I can't tell whether this route is an overkill for my usecase. (Or that I just don't want to admit I'm falling into the shiny tech trap.)

How about you guys, how would you approach authentication? JWT/JWE? Sessions?

How can you build an oidc library almost completely on observables? Cannot complain about it, as it's open source, but what if you want to access some token data synchronously?